Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0161: NetBIOS Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Microsoft CVE-2017-0161: NetBIOS Remote Code Execution Vulnerability

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
09/12/2017
Created
07/25/2018
Added
09/12/2017
Modified
11/18/2021

Description

A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain sequencing requirements. To exploit the vulnerability, an attacker needs to be able to send specially crafted NetBT Session Service packets to an impacted system. An attacker who successfully exploits the vulnerability could execute arbitrary code on the target. The security update addresses the vulnerability by correcting how NetBT sequences certain operations.

Solution(s)

  • msft-kb4038779-1070c9d0-e91b-4bc4-b7b9-a64dd8e76951
  • msft-kb4038779-1f7d6ab2-b81a-4f48-859a-706a9990c78c
  • msft-kb4038779-3de7a78a-5b97-4df7-8bf6-36ebe20d3c75
  • msft-kb4038779-530b9069-0208-4eef-add4-da2b473e9ef8
  • msft-kb4038779-bb0be51a-f352-4d5f-b522-7d85d6e18585
  • msft-kb4038779-fcccb9ba-857f-484e-83be-fd0685a31efb
  • msft-kb4038781-543bcc38-5dd5-4468-ba64-42b448b2f723
  • msft-kb4038781-723a8a89-df76-45ca-8a16-9801e28fd75b
  • msft-kb4038782-397ff69f-657f-4029-9329-b2c00bd6a6a8
  • msft-kb4038782-e895239d-88ad-4ac3-b68f-8abb6b489d19
  • msft-kb4038782-e8a8e193-de5d-413d-990a-76d355b5fb5e
  • msft-kb4038783-7e41eb51-d66a-484f-a0d0-391ac07541b4
  • msft-kb4038783-cd8e051c-b8c6-40df-871b-909087f49cd6
  • msft-kb4038786-2ac4d3a4-287f-4f33-bb61-b7b81245f55b
  • msft-kb4038786-6c356cec-ee0d-458a-9561-daba4b9d324a
  • msft-kb4038786-793b7e3e-090e-472e-b275-b520b5832a77
  • msft-kb4038788-c74d6456-695e-4f07-a9b9-35e07259012b
  • msft-kb4038788-da917577-591c-4e7d-8ff0-4ef45f3c203f
  • msft-kb4038793-8c3d7238-564c-4ed3-ae6f-e3d9881f6f5f
  • msft-kb4038793-9516efa8-6493-43de-979c-ebf2aa89aa69
  • msft-kb4038793-d97e9753-f904-44d9-87a2-35cbf248aef4

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;